CompTIA Security+ Certification Study Guide
Exam SY0-201 3E
- 3rd Edition - July 31, 2009
- Imprint: Syngress
- Author: Ido Dubrawsky
- Language: English
- eBook ISBN:9 7 8 - 1 - 5 9 7 4 9 - 5 4 0 - 0
CompTIA Security+ Certification Study Guide: Exam SYO-201, Third Edition, offers a practical guide for those interested in pursuing CompTIA Security+ certification. The book is… Read more
Purchase options
Institutional subscription on ScienceDirect
Request a sales quoteCompTIA Security+ Certification Study Guide: Exam SYO-201, Third Edition, offers a practical guide for those interested in pursuing CompTIA Security+ certification. The book is organized into six parts. Part 1 deals with general security issues including security threats; hardware and peripheral security risks; the fundamentals of operating system (OS) hardening; implementing system security applications; and concepts of virtualization. Part 2 discusses the fundamentals of network security. Part 3 focuses on network access and network authentication. Part 4 explains the importance of risk assessments and risk mitigation, and how to conduct them. Part 5 reviews general cryptographic concepts and addresses the complex issues involved in planning a certificate-based public key infrastructure (PKI). Part 6 on organizational security discusses redundancy planning; environmental controls; implementing disaster recovery and incident response procedures; and the policies, procedures, and documentation upon which organizational computer security is based. Each chapter begins with Exam Objectives and concludes with Self-Test questions along with their corresponding answers.
- Complete exam-prep package includes full coverage of new Security+ objectives, flash cards, cram sheets, MP3s for exam-day study, PPT presentations, two complete practice exams, and certification e-book library
- Authored by a leading Microsoft security expert
- A good reference for both beginning security professionals and seasoned IT professionals
Security+ exam candidates both first-time and recertification
About the Authors
Part 1 Systems Security
Chapter 1 Systems Security Overview
Introduction
Security Threats
Hardware and Peripheral Security Risks
Summary of Exam Objectives
Exam Objectives Fast Track
Exam Objectives Frequently Asked Questions
Self Test
Self Test Quick Answer Key
Chapter 2 OS Hardening
Introduction
General OS Hardening
Server OS Hardening
Workstation OS
Summary of Exam Objectives
Exam Objectives Fast Track
Exam Objectives Frequently Asked Questions
Self Test
Self Test Quick Answer Key
Chapter 3 Application Security
Introduction
Threats Are Moving “Up the Stack”
Application Security Threats
Summary of Exam Objectives
Exam Objectives Fast Track
Exam Objectives Frequently Asked Questions
Self Test
Self Test Quick Answer Key
References
Chapter 4 Implementing System Security Applications
Host Intrusion Detection System
Personal Software Firewall
Antivirus
Antispam
Pop-Up Blockers
Summary of Exam Objectives
Exam Objectives Fast Track
Exam Objectives Frequently Asked Questions
Self Test
Self Test Quick Answer Key
Chapter 5 Virtualization Technologies
Introduction
The Purpose of Virtualization
Benefits of Virtualization
System Virtualization
Application Virtualization
Summary of Exam Objectives
Exam Objectives Fast Track
Exam Objectives Frequently Asked Questions
Self Test
Self Test Quick Answer Key
Part 2 Network Infrastructure
Chapter 6 Network Security
Introduction
General Network Security
Network Security Tools
Network Ports, Services, and Threats
Network Design Elements and Components
Summary of Exam Objectives
Exam Objectives Fast Track
Exam Objectives Frequently Asked Questions
Self Test
Self Test Quick Answer Key
Chapter 7 Wireless Networks
Introduction
Wireless Network Design
Service Set ID Broadcast
Wireless Security Standards
Rogue APs
Data Emanation
Bluetooth
Summary of Exam Objectives
Exam Objectives Fast Track
Exam Objectives Frequently Asked Questions
Self Test
Self Test Quick Answer Key
References
Part 3 Access Control
Chapter 8 Network Access
Introduction
General Network Access
Access Control Methods and Models
Access Control Organization
Logical Access Control Methods
Physical Access Security Methods
Summary of Exam Objectives
Exam Objectives Fast Track
Exam Objectives Frequently Asked Questions
Self Test
Self Test Quick Answer Key
Chapter 9 Network Authentication
Introduction
Authentication Methods
Authentication Systems
Summary of Exam Objectives
Exam Objectives Fast Track
Exam Objectives Frequently Asked Questions
Self Test
Self Test Quick Answer Key
Part 4 Assessments and Audits
Chapter 10 Risk Assessment and Risk Mitigation
Introduction
Conduct Risk Assessments and Implement Risk Mitigation
Use Monitoring Tools on Systems and Networks
Logging and Auditing
Audits
Summary of Exam Objectives
Exam Objectives Fast Track
Exam Objectives Frequently Asked Questions
Self Test
Self Test Quick Answer Key
References
Part 5 Cryptopgraphy
Chapter 11 General Cryptographic Concepts
Introduction
General Cryptography
Encryption Algorithms
Protocols
Cryptography in Operating Systems
Summary of Exam Objectives
Exam Objectives Fast Track
Exam Objectives Frequently Asked Questions
Self Test
Self Test Quick Answer Key
Chapter 12 Public Key Infrastructure
Introduction
PKI Overview
Components of PKI
Registration
Recovery Agents
Implementation
Certificate Management
Summary of Exam Objectives
Exam Objectives Fast Track
Exam Objectives Frequently Asked Questions
Self Test
Self Test Quick Answer Key
Part 6 Organizational Security
Chapter 13 Redundancy Planning
Introduction
Alternate Sites
Redundant Systems
Redundant Arrays of Inexpensive Disks
Spare Parts
Backup Generator
Uninterruptible Power Supply
Summary of Exam Objectives
Exam Objectives Fast Track
Exam Objectives Frequently Asked Questions
Self Test
Self Test Quick Answer Key
Chapter 14 Controls and Procedures
Introduction
Environmental Controls
Implementing Disaster Recovery and Incident Response Procedures
Summary of Exam Objectives
Exam Objectives Fast Track
Exam Objectives Frequently Asked Questions
Self Test
Self Test Quick Answer Key
Chapter 15 Legislation and Organizational Policies
Introduction
Secure Disposal of Systems
Acceptable Use Policies
Password Complexity
Change Management
Information Classification
Vacations
Personally Identifiable Information
Due Care
Due Process
Due Diligence
Service Level Agreements
User Education and Awareness Training
Security-Related HR Policies
Summary of Exam Objectives
Exam Objectives Fast Track
Exam Objectives Frequently Asked Questions
Self Test
Self Test Quick Answer Key
Appendix
Index
- Edition: 3
- Published: July 31, 2009
- Imprint: Syngress
- No. of pages: 784
- Language: English
- eBook ISBN: 9781597495400
ID
Ido Dubrawsky
Ido Dubrawsky (CISSP, CCNA, CCDA) is the Chief Security Advisor for Microsoft’s Communication Sector North America, a division of the Mobile and Embedded Devices Group. Prior to working at Microsoft, Ido was the acting Security Consulting Practice Lead at AT&T’s Callisma subsidiary and a Senior Security Consultant. Before joining AT&T, Ido was a Network Security Architect for Cisco Systems, Inc., SAFE Architecture Team. He has worked in the systems and network administration field for almost 20 years in a variety of environments from government to academia to private enterprise. He has a wide range of experience in various networks, from small to large and relatively simple to complex. Ido is the primary author of three major SAFE white papers and has written, and spoken, extensively on security topics. He is a regular contributor to the SecurityFocus website on a variety of topics covering security issues. Previously, he worked in Cisco Systems, Inc. Secure Consulting Group, providing network security posture assessments and consulting services for a wide range of clients. In addition to providing penetration-testing consultation, he also conducted security architecture reviews and policy and process reviews. He holds a B.Sc. and a M.Sc. in Aerospace Engineering from the University of Texas at Austin.
Affiliations and expertise
Chief Security Advisor, Microsoft’s Communication Sector North America, a division of the Mobile and Embedded Devices Group